What are the costs of a data breach?

Among the things that can help reduce the cost of a data breach, IBM cites employee training No. 1, lowering the average cost by about $260,000.

AI security and automation

Faced with labor and skills shortages, CISOs are increasingly turning to AI and automation to fill the gap. According to a recent IBM report, the average cost savings per breach for organizations using AI security and automation tools was $2.22 million, up from $1.76 million in 2023.

“Although the cost of data breaches has continued to rise over most of this report’s history, we have seen adoption and investment in key security technologies and methods improve,” said IBM’s Kady. “Organizations are increasingly adopting AI and automation-based security approaches that focus on faster response times – one of the key factors linked to reducing the cost of a data breach.”

Other technologies and strategies that contribute to reducing the cost of a data breach, according to the report, include, in planning for a reduced impact: security information and event management (SIEM); planning an incident response; nailing; threat intelligence; identity access management (IAM); security orchestration, automation, and response (SOAR); and endpoint detection and response (EDR) tools.

Preparedness is key to managing the costs of a data breach

Regardless of the costs involved, experts agree that preparedness is the key to minimizing the financial consequences of a breach.

“Quick response to an incident continues to be a clear driver of reducing the cost of breaches,” said Dutile of UST. “The worst losses are those that go unnoticed for a long time or have a slow or ineffective response.”

Modern cybersecurity requires a post-breach mindset that understands that, eventually, a successful data breach will occur, Forrester’s Mellen adds.

“Working under those conditions, you need to figure out how to handle that and build your resilience to respond better and faster. This is not only about the security function, and needs to be distributed throughout the organization, considering what marketing will do, what sales will do, etc. — as a business, how can you show that you value your customers and that you want to fix it as quickly and efficiently as possible,” he said.